A cryptographic key management system or service typically provides the generation, exchange, storage, use, and replacement of cryptographic or encryption keys. A typical key management system employed in a cloud computing and storage environment stores encrypted data and the key(s) used to encrypt the data in the same storage service or space. Due to this configuration, access to the storage service provides access to both the encrypted data and the key(s) needed to decrypt the data. If an unauthorized user gains access to the storage service, the unauthorized user also gains access to all the information needed to decrypt the data.